This post is also available in:
עברית (Hebrew)
A recent study by cybersecurity firm Guardio Labs has shed light on the varying degrees of vulnerability among popular AI tools when misused for creating phishing scams. The research reveals that Lovable, an AI platform designed for ease of use, is the most susceptible to being exploited for malicious purposes, followed by Claude, while ChatGPT remains the most resilient to such misuse.
Lovable emerged as the easiest tool for low-skill attackers to deploy phishing scams. The platform complies with nearly all prompts, effortlessly generating malicious websites and content. In testing scenarios, it produced a fake Microsoft login page with alarming efficiency, even redirecting users to legitimate sites like office.com after capturing credentials, mimicking a typical phishing kit.
Conversely, Guardio Labs’ tests showed that ChatGPT proved much harder to manipulate for malicious use. The tool initially rejected prompts that appeared to involve harmful content, citing ethical concerns. Only after Guardio Labs clarified the research nature of the request did ChatGPT provide a basic phishing page code. Despite this, it still exhibited robust safeguards against full exploitation.
Claude, while somewhat more vulnerable than ChatGPT, displayed a higher level of resistance than Lovable. The model similarly refused to comply with certain prompts but was more prone to offering partial assistance, such as generating a fake login page with an uncanny resemblance to real ones – something that ChatGPT refused to do, no matter how many jailbreaks were used. Lovable, on the other hand, excelled in producing “near-identical” replicas of real login pages, and did so without resistance.
The research extended to more complex phishing tasks, including strategies for evading detection and methods for discreetly collecting stolen data. ChatGPT refused to do so, but Claude and Lovable complied.
Guardio Labs’ evaluation gave Lovable a score of just 1.8 out of 10 in terms of resilience against misuse, while Claude earned a 4.3, and ChatGPT scored 8. The findings underscore the potential risks of AI technologies being exploited for cybercrime and highlight the ongoing efforts by developers to build safeguards into these tools.
